https://blog.kalfaoglu.net/tags/whm/Recent content in Whm on kalfaoglu.netHugoenMon, 04 May 2026 00:00:00 +0000https://blog.kalfaoglu.net/posts/2026-05-04-cpanel-auth-bypass-zero-day-en/Mon, 04 May 2026 00:00:00 +0000https://blog.kalfaoglu.net/posts/2026-05-04-cpanel-auth-bypass-zero-day-en/<p>On April 28, 2026, cPanel released an emergency patch for <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-41940">CVE-2026-41940</a> — a CVSS 9.8 authentication bypass that, as it turned out, attackers had been quietly exploiting since approximately February 23. That is roughly two months of zero-day exposure across an estimated 1.5 million internet-facing cPanel &amp; WHM instances. CISA promptly added it to its Known Exploited Vulnerabilities catalog, which is the agency&rsquo;s way of saying: stop reading and go patch.</p>